<?php

if(stristr($_SERVER['PHP_SELF'],".inc.php")) { 
	header("Location:index.php"); 
	exit; 
}

if($_POST['add']) {
	unset($_errors); 
	if(!$_POST['teaser']) {
		$_errors .= $Lang['errNoText'] . "<br />\n";
	}
	if(!$_POST['title']) {
		$_errors .= $Lang['errNoTitle'] . "<br />\n";
	}
	if(!$_errors) { 
		$Xpost = str_replace("<?","&lt;?",$_REQUEST['post']); //no PHP, period
		$Xteaser = str_replace("<?","&lt;?",$_REQUEST['teaser']); //no PHP, period
		if(!$CONFIG['allow_js']) {  //you want to allow scripting? enable it in flconf.php
			$Xpost = str_replace("<script","&lt;script",$Xpost);
			$Xpost = str_replace("</script","&lt;/script",$Xpost);
			$Xteaser = str_replace("<script","&lt;script",$Xteaser);
			$Xteaser = str_replace("</script","&lt;/script",$Xteaser);
		}
		$topic = $_POST['topic'];
		if(!$_POST['pubdate']) { $_POST['pubdate']= date("m-d-Y H:i:s"); }
		if(!$_POST['slug']) { $slug=''; } else { $slug=urlify($_POST['slug']); } 
		$pubdate = parse_pubdate($_POST['pubdate'],$CONFIG['backend']);
		$id = new_post($pubdate,$_POST['title'],$Xteaser,$Xpost,$_POST['public'],$auth['uid'],$topic,$slug);  
		$tags = explode(",",$_POST['tags']); 
		if(is_array($tags)) { 
			foreach($tags as $k=>$v) {  
				$t = add_tag($id,trim($v)); 
			}
		}
		$_hideForm = TRUE;
		unset($goto); 
		$goto = $self."?m=p&id=".$id; 
		$apidir = $svrRoot."api/"; 
		$pings = glob ("$apidir/{*.ping.php}",  GLOB_BRACE);
		if(is_array($pings)) { 
			foreach($pings as $k=>$v) { 
				include($v); 
			}
		}
		header("Location: ".$goto);
		exit; 
	} else { 
		$_hidePosts = TRUE; 
	}
}
?>